URLhaus Database

You are currently viewing the URLhaus database entry for http://37.252.69.10:58829/.i which is being or has been used to serve malware. Please consider that URLhaus does not differentiate between websites that have been compromised by hackers and such that has been setup by cybercriminals for the sole purpose of serving malware.

Database Entry

Add tag Remove tag Perform URL rescan Delete this URL Report a False Positive
ID:3525013
URL: http://37.252.69.10:58829/.i
URL Status:flame Online (spreading malware for 1 year, 1 month, 6 days, 20 hours, 18 minutes)
Host: 37.252.69.10
Date added:2025-04-25 18:01:15 UTC
Threat:Malware download Malware download
Reporter: cesnet_certs
Abuse complaint sent (?): Yes (2025-04-25 18:02:53 UTC to abuse{at}ucom[dot]am)
Tags:hajime

Payload delivery

The table below documents all payloads that URLhaus retrieved from this particular URL.

FirstseenFilenameFile TypePayload (SHA256)VTBazaarSignature
2026-04-18.iunknown f47e90789d8ef140b11d63dda36d0bbbb76e6b385e6b28bbf992fbf325747341n/a 
2026-01-11n/aelf 916f0b4f038f2c3fcf539cd4c53a6235e3a0d7bd356cfb4790d92808b7277e86n/a 
2025-05-09n/aelf d4dd171c8143192cab63ee42dfe1bf359fbac8af325123dd404ae88ea1ee8fdbVirustotal results 57.14% 
2025-05-09n/aelf 7e4416ea90a3f8b96e452285d4e230af6477498bdc8e04bafeabefe60321458eVirustotal results 55.56% 
2025-05-08n/aelf 80419535d57d4c4605ff2e289769e3e1a6a9730d0f2dde766c28877b3ccecf75Virustotal results 70.31% 
2025-05-08n/aelf e54977e44c282dfd33e0f66190a0ee51079730168368c196e3f45177d1346c30Virustotal results 58.73% 
2025-04-25n/aelf a04ac6d98ad989312783d4fe3456c53730b212c79a426fb215708b6c6daa3de3Virustotal results 76.19%Hajime